Monday 15 February 2010

Using Cisco SDM in GNS3

One of the great things about GNS3 is that you can practice your labs using real IOS images. The same goes for Cisco SDM. Tasks such as configuring GRE over IPSec tunnels or applying IOS Firewall can be made so much easier via the Cisco SDM.

In this entry I'm going to show you how I configured my laptop to access the Cisco SDM within my GNS3 lab.

This lab assumes you are using a Windows XP system, you use IE, and your Java version is  jre-1_5_0_09-windows-i586-p.exe (other versions of JRE may be fine but this is what works for me).

1) Configure a loopback interface on your laptop.
The first task is to configure a loopback interface. To do this go to:
  • Start - Settings - Control Panel - Add Hardware
  • Select Next when the wizard starts and then 'Yes, I have already connected the hardware', select Next
  • You are presented with a list of currently installed devices, scroll to the bottom and choose 'Add a new hardware device', select Next
  • Check the button for 'Intsall the hardware that I manually select from a list' and select Next
  • Select 'Network Adapters' and then select Next
  • On the next screen choose 'Microsoft' from the left column and then 'Microsoft Loopback Adapter' from the right column, select Next and then Next again to install.
2)  Create your lab
Build your lab and make sure that you install an FE-TX interface on the router/firewall you'd like the laptop to connect to. Save the lab and close it.

3) Make a note of the Loopback hardware address
Go to the directory for GNS e.g.) C:\Program Files\GNS3 and locate the file 'Network device list.cmd'
Run this and make a note of the output for the new loopback address you set up in point 1 e.g)
NIO_gen_eth:\Device\NPF_{19DB09AF-0DC2-43C6-B9B7-69A0E722FA45}
 Name      : Local Area Connection 2
Desciption: Microsoft Loopback driver
N.B - copy the equivilent output that I've marked in Bold

4) Insert the output for your Loopback interface in to your lab
  • Navigate to the saved location for your lab and and right click on the file e.g) mylab.net then select edit network file (if prompted for an application choose Notepad).
  • Locate the device you wish to add your Loopback connection to and insert the interface address like the example below:  [[ROUTER R3]]
            model = 3620
            console = 2003
            slot0 = NM-4T
            s0/0 = R2 s0/1
            slot1 = NM-1FE-TX
            f1/0 = NIO_gen_eth:\Device\NPF_{19DB09AF-0DC2-43C6-B9B7-69A0E722FA45}
            x = 108.0
            y = 19.0
  • Save this.
5) Open GNS3 and open the Lab you have just added your loopback interface. 
  • If correctly configured you should now see a cloud marked something like C0 or C1 connecting to your FE interface on the router you choose to assign the connection to.
  •  Assign IP addresses on the same subnet to both the loopback interface on your windows XP system and the FE-TX interface on your network device.
  • Ping the IP addresses from either side and you should have connectivity. If you don't, trouble shoot accordingly

Now you have a functioning connection into your lab you can do many things. For example download and install Cisco SDM launcher for PC and then enter the internal IP address for the router in your lab you'd like to connect to.


You can also set up a syslog server. Install Kiwi Syslog Server and then configure your network devices to send logging information to the IP address assigned to your loopback interface.


You might want to install a RADIUS server on your XP system and then foward all RADIUS authentication requests to your loop back adapter.


These are just some examples of what you can do once you have your Loopback configure. Enjoy!

 

2 comments:

  1. have you had any luck configuring IPS?? Or Easy VPN??

    ReplyDelete
  2. Hi

    I've configured IPS without issues but I don't recall trying an EasyVPN test. It 'should' work so long as your IOS image has the correct crypto features.

    Cheers

    ReplyDelete